Latest CVE Feed
-
7.8
HIGHCVE-2025-21421
Memory corruption while processing escape code in API.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +80 more products- Published: Apr. 07, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-21423
Memory corruption occurs when handling client calls to EnableTestMode through an Escape call.... Read more
Affected Products : aqt1000_firmware qca6391_firmware qca6420_firmware qca6430_firmware wcd9341_firmware wcd9380_firmware wcd9385_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware +80 more products- Published: Apr. 07, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-21425
Memory corruption may occur due top improper access control in HAB process.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +56 more products- Published: Apr. 07, 2025
- Modified: Aug. 19, 2025
-
5.5
MEDIUMCVE-2025-21431
Information disclosure may be there when a guest VM is connected.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +62 more products- Published: Apr. 07, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-21442
Memory corruption while transmitting packet mapping information with invalid header payload size.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa8295p_firmware qca6595_firmware qca6698aq_firmware sa8540p_firmware sa9000p_firmware qam8255p_firmware +42 more products- Published: Apr. 07, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-21443
Memory corruption while processing message content in eAVB.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +62 more products- Published: Apr. 07, 2025
- Modified: Aug. 19, 2025
-
6.3
MEDIUMCVE-2024-49825
IBM Robotic Process Automation and Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.20 and 23.0.0 through 23.0.20 does not invalidate session after a logout which could allow an authenticated user to impersonate another user on the system.... Read more
- Published: Apr. 14, 2025
- Modified: Aug. 19, 2025
-
7.5
HIGHCVE-2024-22314
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.... Read more
Affected Products : storage_defender_resiliency_service- Published: Apr. 16, 2025
- Modified: Aug. 19, 2025
-
8.1
HIGHCVE-2020-10650
A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jnd... Read more
- EPSS Score: %6.71
- Published: Dec. 26, 2022
- Modified: Aug. 19, 2025
-
8.0
HIGHCVE-2022-21661
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certai... Read more
- EPSS Score: %90.23
- Published: Jan. 06, 2022
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-6230
A SQL injection vulnerability was reported in Lenovo Vantage that could allow a local attacker to modify the local SQLite database and execute limited SQLite commands.... Read more
- Published: Jul. 17, 2025
- Modified: Aug. 19, 2025
-
8.5
HIGHCVE-2025-7848
A memory corruption vulnerability due to improper input validation in lvpict.cpp exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerabil... Read more
Affected Products : labview- Published: Jul. 29, 2025
- Modified: Aug. 19, 2025
-
7.5
HIGHCVE-2024-8927
In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, HTTP_REDIRECT_STATUS variable is used to check whether or not CGI binary is being run by the HTTP server. However, in certain scenarios, the content of this variable can be con... Read more
- Published: Oct. 08, 2024
- Modified: Aug. 19, 2025
-
3.3
LOWCVE-2024-9026
In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using PHP-FPM SAPI and it is configured to catch workers output through catch_workers_output = yes, it may be possible to pollute the final log or remove up to 4 character... Read more
- Published: Oct. 08, 2024
- Modified: Aug. 19, 2025
-
8.8
HIGHCVE-2024-8926
In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using a certain non-standard configurations of Windows codepages, the fixes for CVE-2024-4577 https://github.com/advisories/GHSA-vxpp-6299-mxw3 may still be bypassed and... Read more
- Published: Oct. 08, 2024
- Modified: Aug. 19, 2025
-
5.3
MEDIUMCVE-2024-8925
In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, erroneous parsing of multipart form data contained in an HTTP POST request could lead to legitimate data not being processed. This could lead to malicious attacker able to cont... Read more
- Published: Oct. 08, 2024
- Modified: Aug. 19, 2025
-
8.5
HIGHCVE-2025-7361
A code injection vulnerability due to an improper initialization check exists in NI LabVIEW that may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI using a CIN node. This vul... Read more
- Published: Jul. 29, 2025
- Modified: Aug. 19, 2025
-
6.1
MEDIUMCVE-2025-5417
An insufficient access control vulnerability was found in the Red Hat Developer Hub rhdh/rhdh-hub-rhel9 container image. The Red Hat Developer Hub cluster admin/user, who has standard user access to the cluster, and the Red Hat Developer Hub namespace, ca... Read more
Affected Products :- Published: Aug. 19, 2025
- Modified: Aug. 19, 2025
-
5.4
MEDIUMCVE-2025-52392
Soosyze CMS 2.0 allows brute-force login attacks via the /user/login endpoint due to missing rate-limiting and lockout mechanisms. An attacker can repeatedly submit login attempts without restrictions, potentially gaining unauthorized administrative acces... Read more
Affected Products :- Published: Aug. 13, 2025
- Modified: Aug. 19, 2025
-
7.8
HIGHCVE-2025-2634
Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This v... Read more
Affected Products : labview- Published: Jul. 23, 2025
- Modified: Aug. 19, 2025